@voidagency/web-scanner 0.0.1

package/dist/categories.js

@@ -0,0 +1,278 @@
+/**
+ * Test Categories Configuration
+ * Maps scanner tags to human-readable test categories
+ * Used to track test coverage and show "Nothing found" results
+ *
+ * Supports both ZAP (primary) and Nuclei (supplementary)
+ */
+/**
+ * Define all test categories
+ * Order matters - this is how they'll appear in the report
+ *
+ * ZAP Plugin IDs reference:
+ * - 10003: Vulnerable JS Library (Retire.js)
+ * - 10038: CSP Header Not Set
+ * - 10020: Missing X-Frame-Options
+ * - 10035: Strict-Transport-Security Not Set
+ * - 10021: X-Content-Type-Options Missing
+ * - 10098: Cross-Domain Misconfiguration (CORS)
+ * - 10202: Absence of Anti-CSRF Tokens
+ * - 90003: Sub Resource Integrity Missing
+ * - 10037: X-Powered-By Information Leak
+ * - 10036: Server Version Leak
+ * - 10027: Information Disclosure - Suspicious Comments
+ * - 10031: User Controllable HTML Attribute (XSS hint)
+ * - 10017: Cross-Domain JavaScript Source
+ */
+export const TEST_CATEGORIES = [
+    // Vulnerable Components (ZAP primary) - Most specific first
+    {
+        id: 'js-libraries',
+        name: 'JavaScript Library CVEs',
+        description: 'Vulnerable JavaScript libraries (jQuery, Bootstrap, etc.)',
+        tags: ['js-library', 'outdated-component'],
+        sources: ['zap'],
+        zapPluginIds: ['10003'],
+    },
+    // Security Headers (ZAP + Nuclei) - Remove broad "misconfig" tag
+    {
+        id: 'security-headers',
+        name: 'Security Headers',
+        description: 'HTTP security headers like HSTS, CSP, X-Frame-Options, X-Content-Type-Options',
+        tags: ['header', 'headers', 'csp', 'hsts', 'clickjacking', 'x-frame-options', 'x-content-type'],
+        templatePatterns: ['*-header*', '*security-header*'],
+        sources: ['zap', 'nuclei'],
+        zapPluginIds: ['10038', '10020', '10035', '10021', '10063'],
+    },
+    // CORS (ZAP + Nuclei)
+    {
+        id: 'cors',
+        name: 'CORS Misconfiguration',
+        description: 'Cross-Origin Resource Sharing misconfigurations',
+        tags: ['cors', 'cross-domain'],
+        templatePatterns: ['*cors*'],
+        sources: ['zap', 'nuclei'],
+        zapPluginIds: ['10098'],
+    },
+    // CSRF (ZAP primary)
+    {
+        id: 'csrf',
+        name: 'Cross-Site Request Forgery',
+        description: 'Missing Anti-CSRF tokens in forms',
+        tags: ['csrf'],
+        templatePatterns: ['*csrf*'],
+        sources: ['zap'],
+        zapPluginIds: ['10202'],
+    },
+    // SRI (ZAP primary)
+    {
+        id: 'sri',
+        name: 'Subresource Integrity',
+        description: 'External scripts missing integrity attribute',
+        tags: ['sri', 'integrity'],
+        sources: ['zap'],
+        zapPluginIds: ['90003'],
+    },
+    // Sensitive Files (Nuclei primary) - BEFORE info-disclosure to catch file exposures
+    {
+        id: 'sensitive-files',
+        name: 'Sensitive Files',
+        description: 'Backup files, config files (composer.json, .env), database dumps, lock files',
+        tags: ['backup', 'config', 'file', 'dev', 'lockfile', 'npm', 'yarn', 'theme'],
+        templatePatterns: ['*backup*', '*config*', '*.log', '*.bak', '*composer*', '*env*', '*lockfile*', '*-files-*', '*-dev-*'],
+        sources: ['nuclei'],
+    },
+    // Information Disclosure (Both) - More specific: version leaks, not file exposures
+    {
+        id: 'info-disclosure',
+        name: 'Information Disclosure',
+        description: 'Server version leaks, sensitive information in responses',
+        tags: ['disclosure', 'info-disclosure', 'version-leak'],
+        templatePatterns: ['*disclosure*'],
+        sources: ['zap', 'nuclei'],
+        zapPluginIds: ['10037', '10036', '10027', '10009'],
+    },
+    // XSS (ZAP hints + Nuclei)
+    {
+        id: 'xss',
+        name: 'Cross-Site Scripting (XSS)',
+        description: 'Reflected, stored, and DOM-based XSS',
+        tags: ['xss', 'user-input'],
+        templatePatterns: ['*xss*'],
+        sources: ['zap', 'nuclei'],
+        zapPluginIds: ['10031', '10110'],
+    },
+    // SSL/TLS (testssl.sh primary)
+    {
+        id: 'ssl-tls',
+        name: 'SSL/TLS Configuration',
+        description: 'Certificate validation, cipher suites, protocol versions',
+        tags: ['ssl', 'tls'],
+        templatePatterns: ['ssl-*', 'tls-*'],
+        sources: ['testssl'],
+    },
+    // Untrusted Certificates (testssl.sh)
+    {
+        id: 'untrusted-certs',
+        name: 'Untrusted Certificates',
+        description: 'Self-signed, expired, or untrusted SSL certificates',
+        tags: ['certificate', 'cert', 'untrusted'],
+        templatePatterns: ['*certificate*', '*cert-*'],
+        sources: ['testssl'],
+    },
+    // HTTP Debug Methods
+    {
+        id: 'http-methods',
+        name: 'HTTP Debug Methods',
+        description: 'Dangerous HTTP methods like TRACE, DEBUG, OPTIONS enabled',
+        tags: ['http', 'options', 'trace', 'debug', 'methods'],
+        templatePatterns: ['*http-options*', '*http-trace*', '*http-debug*', '*http-method*'],
+        sources: ['nuclei'],
+    },
+    // Client Access Policies
+    {
+        id: 'client-access',
+        name: 'Client Access Policies',
+        description: 'Flash crossdomain.xml and Silverlight clientaccesspolicy.xml files',
+        tags: ['crossdomain', 'clientaccess', 'flash', 'silverlight'],
+        templatePatterns: ['*crossdomain*', '*clientaccess*', '*flash-*'],
+        sources: ['nuclei'],
+    },
+    // Admin Panels (Nuclei primary)
+    {
+        id: 'admin-panels',
+        name: 'Administration Consoles',
+        description: 'Exposed admin panels, login pages, management interfaces',
+        tags: ['panel', 'login', 'admin'],
+        templatePatterns: ['*-panel', '*-login', '*admin*'],
+        sources: ['nuclei'],
+    },
+    // Directory Listing
+    {
+        id: 'directory-listing',
+        name: 'Directory Listing',
+        description: 'Directories with listing enabled',
+        tags: ['listing'],
+        templatePatterns: ['*directory-listing*', '*dir-listing*'],
+        sources: ['nuclei'],
+    },
+    // Technology Detection (Both)
+    {
+        id: 'tech-detection',
+        name: 'Software Identification',
+        description: 'Server software, frameworks, CMS detection',
+        tags: ['tech', 'detect', 'technologies', 'discovery', 'version'],
+        templatePatterns: ['*-detect', '*version-detect*'],
+        sources: ['zap', 'nuclei'],
+    },
+    // GraphQL Endpoints (Nuclei)
+    {
+        id: 'graphql',
+        name: 'GraphQL Endpoints',
+        description: 'GraphQL endpoints and introspection',
+        tags: ['graphql'],
+        templatePatterns: ['*graphql*'],
+        sources: ['nuclei'],
+    },
+    // API Endpoints (Nuclei primary)
+    {
+        id: 'api-endpoints',
+        name: 'API Endpoints',
+        description: 'REST APIs, Swagger/OpenAPI documentation',
+        tags: ['api', 'swagger', 'openapi', 'rest'],
+        templatePatterns: ['*swagger*', '*openapi*', '*api-*'],
+        sources: ['nuclei'],
+    },
+    // SQL Injection (Nuclei)
+    {
+        id: 'sqli',
+        name: 'SQL Injection',
+        description: 'SQL injection vulnerabilities',
+        tags: ['sqli', 'sql'],
+        templatePatterns: ['*sqli*', '*sql-injection*'],
+        sources: ['nuclei'],
+    },
+    // LFI/Path Traversal
+    {
+        id: 'lfi',
+        name: 'Local File Inclusion',
+        description: 'LFI and path traversal vulnerabilities',
+        tags: ['lfi', 'traversal'],
+        templatePatterns: ['*lfi*', '*traversal*'],
+        sources: ['nuclei'],
+    },
+    // RCE
+    {
+        id: 'rce',
+        name: 'Command Injection',
+        description: 'OS command injection, RCE vulnerabilities',
+        tags: ['rce', 'command-injection'],
+        templatePatterns: ['*rce*', '*command*'],
+        sources: ['nuclei'],
+    },
+    // SSRF
+    {
+        id: 'ssrf',
+        name: 'Server-Side Request Forgery',
+        description: 'SSRF vulnerabilities',
+        tags: ['ssrf'],
+        templatePatterns: ['*ssrf*'],
+        sources: ['nuclei'],
+    },
+    // Open Redirect
+    {
+        id: 'redirect',
+        name: 'Open Redirect',
+        description: 'Open redirect vulnerabilities',
+        tags: ['redirect'],
+        templatePatterns: ['*redirect*'],
+        sources: ['zap', 'nuclei'],
+        zapPluginIds: ['10044'],
+    },
+    // CVE-based (Both)
+    {
+        id: 'known-cves',
+        name: 'Known Vulnerabilities (CVEs)',
+        description: 'CVE-based vulnerability checks',
+        tags: ['cve'],
+        templatePatterns: ['CVE-*', 'cve-*'],
+        sources: ['zap', 'nuclei', 'nvd'],
+    },
+];
+/**
+ * Match a finding to categories based on tags and template ID
+ */
+export function matchCategories(templateId, tags = []) {
+    const matchedCategories = [];
+    const lowerTags = new Set(tags.map(t => t.toLowerCase()));
+    const lowerTemplateId = templateId.toLowerCase();
+    for (const category of TEST_CATEGORIES) {
+        // Check tag match
+        const tagMatch = category.tags.some(catTag => lowerTags.has(catTag.toLowerCase()));
+        // Check template pattern match
+        let patternMatch = false;
+        if (category.templatePatterns) {
+            patternMatch = category.templatePatterns.some(pattern => {
+                const regex = new RegExp(pattern.replaceAll('*', '.*').replaceAll('?', '.'), 'i');
+                return regex.test(lowerTemplateId);
+            });
+        }
+        if (tagMatch || patternMatch) {
+            matchedCategories.push(category.id);
+        }
+    }
+    return matchedCategories;
+}
+/**
+ * Get category by ID
+ */
+export function getCategoryById(id) {
+    return TEST_CATEGORIES.find(c => c.id === id);
+}
+/**
+ * Get all category IDs
+ */
+export function getAllCategoryIds() {
+    return TEST_CATEGORIES.map(c => c.id);
+}
+//# sourceMappingURL=categories.js.map

package/dist/categories.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"categories.js","sourceRoot":"","sources":["../src/categories.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAcH;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,CAAC,MAAM,eAAe,GAAmB;IAC7C,4DAA4D;IAC5D;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,2DAA2D;QACxE,IAAI,EAAE,CAAC,YAAY,EAAE,oBAAoB,CAAC;QAC1C,OAAO,EAAE,CAAC,KAAK,CAAC;QAChB,YAAY,EAAE,CAAC,OAAO,CAAC;KACxB;IAED,iEAAiE;IACjE;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,+EAA+E;QAC5F,IAAI,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,cAAc,EAAE,iBAAiB,EAAE,gBAAgB,CAAC;QAC/F,gBAAgB,EAAE,CAAC,WAAW,EAAE,mBAAmB,CAAC;QACpD,OAAO,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC;QAC1B,YAAY,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC;KAC5D;IAED,sBAAsB;IACtB;QACE,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,iDAAiD;QAC9D,IAAI,EAAE,CAAC,MAAM,EAAE,cAAc,CAAC;QAC9B,gBAAgB,EAAE,CAAC,QAAQ,CAAC;QAC5B,OAAO,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC;QAC1B,YAAY,EAAE,CAAC,OAAO,CAAC;KACxB;IAED,qBAAqB;IACrB;QACE,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,mCAAmC;QAChD,IAAI,EAAE,CAAC,MAAM,CAAC;QACd,gBAAgB,EAAE,CAAC,QAAQ,CAAC;QAC5B,OAAO,EAAE,CAAC,KAAK,CAAC;QAChB,YAAY,EAAE,CAAC,OAAO,CAAC;KACxB;IAED,oBAAoB;IACpB;QACE,EAAE,EAAE,KAAK;QACT,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,8CAA8C;QAC3D,IAAI,EAAE,CAAC,KAAK,EAAE,WAAW,CAAC;QAC1B,OAAO,EAAE,CAAC,KAAK,CAAC;QAChB,YAAY,EAAE,CAAC,OAAO,CAAC;KACxB;IAED,oFAAoF;IACpF;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,8EAA8E;QAC3F,IAAI,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC;QAC7E,gBAAgB,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,SAAS,CAAC;QACzH,OAAO,EAAE,CAAC,QAAQ,CAAC;KACpB;IAED,mFAAmF;IACnF;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,0DAA0D;QACvE,IAAI,EAAE,CAAC,YAAY,EAAE,iBAAiB,EAAE,cAAc,CAAC;QACvD,gBAAgB,EAAE,CAAC,cAAc,CAAC;QAClC,OAAO,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC;QAC1B,YAAY,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC;KACnD;IAED,2BAA2B;IAC3B;QACE,EAAE,EAAE,KAAK;QACT,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,sCAAsC;QACnD,IAAI,EAAE,CAAC,KAAK,EAAE,YAAY,CAAC;QAC3B,gBAAgB,EAAE,CAAC,OAAO,CAAC;QAC3B,OAAO,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC;QAC1B,YAAY,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;KACjC;IAED,+BAA+B;IAC/B;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,0DAA0D;QACvE,IAAI,EAAE,CAAC,KAAK,EAAE,KAAK,CAAC;QACpB,gBAAgB,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;QACpC,OAAO,EAAE,CAAC,SAAS,CAAC;KACrB;IAED,sCAAsC;IACtC;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,qDAAqD;QAClE,IAAI,EAAE,CAAC,aAAa,EAAE,MAAM,EAAE,WAAW,CAAC;QAC1C,gBAAgB,EAAE,CAAC,eAAe,EAAE,SAAS,CAAC;QAC9C,OAAO,EAAE,CAAC,SAAS,CAAC;KACrB;IAED,qBAAqB;IACrB;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,2DAA2D;QACxE,IAAI,EAAE,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,CAAC;QACtD,gBAAgB,EAAE,CAAC,gBAAgB,EAAE,cAAc,EAAE,cAAc,EAAE,eAAe,CAAC;QACrF,OAAO,EAAE,CAAC,QAAQ,CAAC;KACpB;IAED,yBAAyB;IACzB;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,oEAAoE;QACjF,IAAI,EAAE,CAAC,aAAa,EAAE,cAAc,EAAE,OAAO,EAAE,aAAa,CAAC;QAC7D,gBAAgB,EAAE,CAAC,eAAe,EAAE,gBAAgB,EAAE,UAAU,CAAC;QACjE,OAAO,EAAE,CAAC,QAAQ,CAAC;KACpB;IAED,gCAAgC;IAChC;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,0DAA0D;QACvE,IAAI,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC;QACjC,gBAAgB,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,CAAC;QACnD,OAAO,EAAE,CAAC,QAAQ,CAAC;KACpB;IAED,oBAAoB;IACpB;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,kCAAkC;QAC/C,IAAI,EAAE,CAAC,SAAS,CAAC;QACjB,gBAAgB,EAAE,CAAC,qBAAqB,EAAE,eAAe,CAAC;QAC1D,OAAO,EAAE,CAAC,QAAQ,CAAC;KACpB;IAED,8BAA8B;IAC9B;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,4CAA4C;QACzD,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,WAAW,EAAE,SAAS,CAAC;QAChE,gBAAgB,EAAE,CAAC,UAAU,EAAE,kBAAkB,CAAC;QAClD,OAAO,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC;KAC3B;IAED,6BAA6B;IAC7B;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,qCAAqC;QAClD,IAAI,EAAE,CAAC,SAAS,CAAC;QACjB,gBAAgB,EAAE,CAAC,WAAW,CAAC;QAC/B,OAAO,EAAE,CAAC,QAAQ,CAAC;KACpB;IAED,iCAAiC;IACjC;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,0CAA0C;QACvD,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC;QAC3C,gBAAgB,EAAE,CAAC,WAAW,EAAE,WAAW,EAAE,QAAQ,CAAC;QACtD,OAAO,EAAE,CAAC,QAAQ,CAAC;KACpB;IAED,yBAAyB;IACzB;QACE,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,+BAA+B;QAC5C,IAAI,EAAE,CAAC,MAAM,EAAE,KAAK,CAAC;QACrB,gBAAgB,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;QAC/C,OAAO,EAAE,CAAC,QAAQ,CAAC;KACpB;IAED,qBAAqB;IACrB;QACE,EAAE,EAAE,KAAK;QACT,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,wCAAwC;QACrD,IAAI,EAAE,CAAC,KAAK,EAAE,WAAW,CAAC;QAC1B,gBAAgB,EAAE,CAAC,OAAO,EAAE,aAAa,CAAC;QAC1C,OAAO,EAAE,CAAC,QAAQ,CAAC;KACpB;IAED,MAAM;IACN;QACE,EAAE,EAAE,KAAK;QACT,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,2CAA2C;QACxD,IAAI,EAAE,CAAC,KAAK,EAAE,mBAAmB,CAAC;QAClC,gBAAgB,EAAE,CAAC,OAAO,EAAE,WAAW,CAAC;QACxC,OAAO,EAAE,CAAC,QAAQ,CAAC;KACpB;IAED,OAAO;IACP;QACE,EAAE,EAAE,MAAM;QACV,IAAI,EAAE,6BAA6B;QACnC,WAAW,EAAE,sBAAsB;QACnC,IAAI,EAAE,CAAC,MAAM,CAAC;QACd,gBAAgB,EAAE,CAAC,QAAQ,CAAC;QAC5B,OAAO,EAAE,CAAC,QAAQ,CAAC;KACpB;IAED,gBAAgB;IAChB;QACE,EAAE,EAAE,UAAU;QACd,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,+BAA+B;QAC5C,IAAI,EAAE,CAAC,UAAU,CAAC;QAClB,gBAAgB,EAAE,CAAC,YAAY,CAAC;QAChC,OAAO,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC;QAC1B,YAAY,EAAE,CAAC,OAAO,CAAC;KACxB;IAED,mBAAmB;IACnB;QACE,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,gCAAgC;QAC7C,IAAI,EAAE,CAAC,KAAK,CAAC;QACb,gBAAgB,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;QACpC,OAAO,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,KAAK,CAAC;KAClC;CACF,CAAC;AAYF;;GAEG;AACH,MAAM,UAAU,eAAe,CAC7B,UAAkB,EAClB,OAAiB,EAAE;IAEnB,MAAM,iBAAiB,GAAa,EAAE,CAAC;IACvC,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IAC1D,MAAM,eAAe,GAAG,UAAU,CAAC,WAAW,EAAE,CAAC;IAEjD,KAAK,MAAM,QAAQ,IAAI,eAAe,EAAE,CAAC;QACvC,kBAAkB;QAClB,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAC3C,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CACpC,CAAC;QAEF,+BAA+B;QAC/B,IAAI,YAAY,GAAG,KAAK,CAAC;QACzB,IAAI,QAAQ,CAAC,gBAAgB,EAAE,CAAC;YAC9B,YAAY,GAAG,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;gBACtD,MAAM,KAAK,GAAG,IAAI,MAAM,CACtB,OAAO,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,EAClD,GAAG,CACJ,CAAC;gBACF,OAAO,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YACrC,CAAC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,QAAQ,IAAI,YAAY,EAAE,CAAC;YAC7B,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED,OAAO,iBAAiB,CAAC;AAC3B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,EAAU;IACxC,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AAChD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB;IAC/B,OAAO,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;AACxC,CAAC"}

package/dist/cli.d.ts

@@ -0,0 +1,12 @@
+#!/usr/bin/env node
+/**
+ * VoidSec Scanner CLI
+ * Security scanning orchestrator
+ *
+ * Architecture:
+ * - ZAP (primary): JS CVEs, Headers, CORS, CSRF, XSS hints
+ * - Nuclei (supplementary): CMS detection, exposed files, takeovers
+ * - testssl.sh: SSL/TLS analysis
+ */
+export {};
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;;;;;;;GAQG"}